PT-2020-9739 · Nextcloud+1 · Nextcloud+1

Published

2020-02-04

Updated

2020-10-15

CVE-2019-15616

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Nextcloud version 16

Description The issue allows for DNS pollution when dangling remote share attempts are made in Nextcloud 16, particularly when running for an extended period.

Recommendations For Nextcloud version 16, consider restricting access to remote share functionality as a temporary workaround until a patch is available.

Fix

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-93

Related Identifiers

ALT-PU-2020-3060

CVE-2019-15616

Affected Products

Alt Linux

Nextcloud

PT-2020-9739 · Nextcloud+1 · Nextcloud+1

CVE-2019-15616

Weakness Enumeration

Related Identifiers

Affected Products

References · 5